GHSA-27VH-H6MC-Q6G8

Vulnerability from github – Published: 2024-10-10 16:43 – Updated: 2025-08-21 04:05
VLAI?
Summary
btcd did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality
Details

Impact

The btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can lead to btcd clients accepting an invalid Bitcoin block (or rejecting a valid one).

This consensus failure can be leveraged to cause a chain split (accepting an invalid Bitcoin block) or be exploited to DoS the btcd nodes (rejecting a valid Bitcoin block). An attacker can create a standard transaction where FindAndDelete doesn't return a match but removeOpCodeByData does making btcd get a different sighash, leading to a chain split. Importantly, this vulnerability can be exploited remotely by any Bitcoin user and does not require any hash power. This is because the difference in behavior can be triggered by a "standard" Bitcoin transaction, that is a transaction which gets relayed through the P2P network before it gets included in a Bitcoin block.

FindAndDelete vs. removeOpcodeByData

removeOpcodeByData(script []byte, dataToRemove []byte) removes any data pushes from script that contain dataToRemove. However, FindAndDelete only removes exact matches. So for example, with script = "<data> <data||foo>" and dataToRemove = "data" btcd will remove both data pushes but Bitcoin Core's FindAndDelete only removes the first <data> push.

Patches

This has been patched in btcd version v0.24.2-beta.

References

FindAndDelete: https://github.com/btcsuite/btcd/security/advisories/GHSA-27vh-h6mc-q6g8

Severity ?
7.4 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
8.3 (High)
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
Show details on source website
To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/btcsuite/btcd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.24.2-beta.rc1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-38365"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-10-10T16:43:17Z",
    "nvd_published_at": "2024-10-11T20:15:04Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nThe btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core\u0027s \"FindAndDelete()\" functionality. This\nlogic is consensus-critical: the difference in behavior with the other Bitcoin clients can lead to btcd clients accepting an invalid Bitcoin block (or rejecting a valid one). \n\nThis consensus failure can be leveraged to cause a chain split (accepting an invalid Bitcoin block) or be exploited to DoS the btcd nodes (rejecting a valid Bitcoin block). An attacker can create a standard transaction where FindAndDelete doesn\u0027t return a match but removeOpCodeByData does making btcd get a different sighash, leading to a chain split. Importantly, this vulnerability can be exploited remotely by any Bitcoin user and does not require any hash power. This is because the difference in behavior can be triggered by a \"standard\" Bitcoin\ntransaction, that is a transaction which gets relayed through the P2P network before it gets included in a Bitcoin block.\n\n#### `FindAndDelete` vs. `removeOpcodeByData`\n\n`removeOpcodeByData(script []byte, dataToRemove []byte)` removes any data pushes from `script` that *contain* `dataToRemove`. However, `FindAndDelete` only removes *exact* matches. So for example, with `script = \"\u003cdata\u003e \u003cdata||foo\u003e\"` and `dataToRemove = \"data\"` btcd will remove both data pushes but Bitcoin Core\u0027s `FindAndDelete` only removes the first `\u003cdata\u003e` push.\n\n\n### Patches\n\nThis has been patched in `btcd` version v0.24.2-beta. \n\n### References\n\n`FindAndDelete`: https://github.com/btcsuite/btcd/security/advisories/GHSA-27vh-h6mc-q6g8",
  "id": "GHSA-27vh-h6mc-q6g8",
  "modified": "2025-08-21T04:05:13Z",
  "published": "2024-10-10T16:43:17Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/btcsuite/btcd/security/advisories/GHSA-27vh-h6mc-q6g8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38365"
    },
    {
      "type": "WEB",
      "url": "https://github.com/btcsuite/btcd/commit/04469e600e7d4a58881e2e5447d19024e49800f5"
    },
    {
      "type": "WEB",
      "url": "https://delvingbitcoin.org/t/cve-2024-38365-public-disclosure-btcd-findanddelete-bug/1184"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/btcsuite/btcd"
    },
    {
      "type": "WEB",
      "url": "https://github.com/btcsuite/btcd/releases/tag/v0.24.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "btcd did not correctly re-implement Bitcoin Core\u0027s \"FindAndDelete()\" functionality"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.